Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-14 00:47:21 +00:00
Code Issues Projects Releases Packages Wiki Activity
1861 commits 138 branches 258 tags 165 MiB
Commit graph

1861 commits

This branch
This branch
All branches
Author SHA1 Message Date
dependabot[bot]
9ef9e9870d
Bump golang.org/x/oauth2 from 0.4.0 to 0.5.0 (#1116) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-21 13:42:36 -08:00
Bill Rich
f1582aafa9
Drop tabs for filenames with spaces (#1115) 2023-02-16 17:15:32 -08:00
Bill Rich
9158dcaa80
Correctly parse most filenames with ' and ' (#1113) 2023-02-16 14:11:35 -08:00
ahrav
012fdfe3a2
Update helper text for max-archive-size. (#1114) 2023-02-16 13:56:55 -08:00
ahrav
ea71756e20
[chore] - archive size helper text (#1110) 2023-02-15 10:08:26 -08:00
ahrav
ea40c0f306
Add the unit for max archive size. (#1108) 2023-02-15 09:45:27 -08:00
dependabot[bot]
bcecbcd3d4
Bump github.com/getsentry/sentry-go from 0.17.0 to 0.18.0 (#1102) 
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 20:56:35 -06:00
dependabot[bot]
926f490c9f
Bump golang.org/x/crypto from 0.5.0 to 0.6.0 (#1101) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 20:55:34 -06:00
dependabot[bot]
bd17aa91e3
Bump golang.org/x/text from 0.6.0 to 0.7.0 (#1100) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 20:54:24 -06:00
Miccah
161e499142
[chore] Remove logrus from trufflehog (#1095) 
* [chore] Remove logrus from trufflehog

* Minor fixes

* Fix logFatal call

* Fix logrus call
 2023-02-14 17:00:07 -06:00
Miccah
c6826c4574
Fix nil scan options (#1107) 2023-02-14 12:09:45 -06:00
SAYGIN Metin
f2139a7615
Github filter support for exclude and include (#1087) 
* test

* Add missing head and base hash back.

---------

Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
 2023-02-14 08:40:53 -08:00
Dustin Decker
26c455d302
add more confluence options (#1105) 2023-02-13 13:58:02 -08:00
Mike Vanbuskirk
57983aed4e
adds TESTING doc w. steps for local GHA tests (#1093) 
make doc wording more explicit
 2023-02-13 13:06:50 -05:00
trufflesteeeve
4f13090c01
Remove duplicated detectors (#1092) 
In this case just Heroku and LinearAPI. But this includes the Moonclerck
detector, which appears to be a typo that got turned into a separate
detector type.

Co-authored-by: zubairk14 <zubair.khan@trufflesec.com>
 2023-02-13 11:44:19 -05:00
Dustin Decker
ae14e4506f
add smoke test (#1099) 2023-02-11 11:09:36 -08:00
Dustin Decker
0c66d30c1f
Revert "Make detectors configurable (#1084)" (#1097) 
This reverts commit 67784f6928.
 2023-02-11 08:12:13 -08:00
ahrav
67784f6928
Make detectors configurable (#1084) 
* Make detectors configurable.

* remove redundant check.

* add number of detectors.

* update comment.

* remove reflect.

* inline key.

* replace name w/ type.

* remove temp var.

* fix test name.

* fix engine start.

* add filter unverified to engine.

* reorder engine args.

* Address comments.

* Add include and exclude.

* update comments.

* add comment.

* add comment.
 2023-02-10 16:30:38 -08:00
ahrav
c5c8d10d28
[chore] - Remove monolithic config struct (#1091) 
* REmove monolithic config struct.

* fix broken test.
 2023-02-10 12:43:00 -08:00
Miccah
d317ddb51a
[chore] Remove logrus from circleci, filesystem, gitlab, and s3 sources (#1089) 
* [chore] Remove logrus from circleci, filesystem, gitlab, and s3 sources

* Address comments
 2023-02-10 11:02:55 -06:00
dependabot[bot]
29be679370
Bump github.com/joho/godotenv from 1.4.0 to 1.5.1 (#1075) 
Bumps [github.com/joho/godotenv](https://github.com/joho/godotenv) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/joho/godotenv/releases)
- [Commits](https://github.com/joho/godotenv/compare/v1.4.0...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/joho/godotenv
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-09 20:02:06 -08:00
Miccah
0ce72ccda3
[chore] Remove logrus from github source (#1086) 
* [chore] Remove logrus from github source

* Fix handleRateLimit test

* Fix tests
 2023-02-09 18:02:04 -06:00
Miccah
58e8c1e4ac
[chore] Remove logrus from engine package (#1085) 2023-02-09 16:55:19 -06:00
trufflesteeeve
114f4b6989
Add Type() to detector interface (#1088) 
* Add Type() to detector interface

The goal here is to allow the detector type information to be used
without the need for reflection. This could possibly allow us to more
easily inject information into detectors or filter them out if
necessary.

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>

* remove test detector

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
 2023-02-09 14:46:03 -08:00
ahrav
e47cc2451f
Dont pre-allocate errors slice. (#1083) 2023-02-08 17:33:30 -08:00
Miccah
1f0fd91205
Skip repo and continue scanning when encountering an error (#1080) 2023-02-08 11:33:01 -06:00
ahrav
0d73dbe638
[chore] - Add tests for errors (#1071) 2023-02-08 04:15:44 -08:00
Bill Rich
7dd2b74f1f
Make archive handler configurable (#1077) 
* Make archive handler configurable.

* Use common.IsDone()
 2023-02-07 15:25:14 -08:00
Bill Rich
b37080e6a5
Add max commit size (#1079) 
* Add max commit size

* Use common.IsDone

* Use breaks instead of return
 2023-02-07 15:25:00 -08:00
ahrav
3f30216356
Add incclude exclude spaces for confluence source. (#1073) 2023-02-06 08:49:45 -08:00
Bill Rich
af6e3f8fdf
Pull gitparse config options out of pkg consts (#1072) 
* Pull gitparse config options out of pkg consts.

* Adjust naming
 2023-02-04 13:19:23 -08:00
Miccah
2d35edfb23
Revert "Add TruffleHog version input for GitHub action (#1064)" (#1068) 
This reverts commit 8dedd08d89.
 2023-02-03 10:05:21 -06:00
Miccah
8dedd08d89
Add TruffleHog version input for GitHub action (#1064) 2023-02-02 14:18:46 -06:00
ahrav
8be89a593b
Handle errors in a thread safe manner (#1052) 
* Handle errors in a thread safe manner.

* fix test.

* fix linter.

* address comments.
 2023-02-02 11:05:33 -08:00
ahrav
80a68b84c2
update webex detector regex (#1062) 
* update webex detector regex.

* fix regex.
 2023-02-01 18:37:51 -08:00
ahrav
58b78b6a5a
Update float detector with correct User-Agent and regex (#1061) 
* Update float detector with correct User-Agent and regex.

* update import order.

* update emial.

* Delete http.go

* add http back.
 2023-02-01 09:48:13 -08:00
swdbo
a53758c4c4
braintree detector: use production API URL instead of the test sandbox version (#1054) 2023-02-01 08:41:52 -08:00
Dustin Decker
1d3206ed36
add bodyclose linter to help prevent file handle leaks (#1048) 2023-01-31 09:04:37 -08:00
dependabot[bot]
26afa76e7c
Bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 (#1039) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-27 17:47:18 -08:00
Miccah
8df9db6ecc
Remove false positive detection for CustomRegex (#1050) 
Checking for false positives can lead to results being removed before
ever getting the opportunity to verify them. Users are already
responsible for verification of custom detectors, so let's not interfere
with how they choose to use it.
 2023-01-27 11:57:10 -06:00
ahrav
e85411b59f
Add file to confluence proto. (#1049) 2023-01-26 17:34:01 -08:00
Alex Shylo
6e58eb4bbb
fix-the-typo (#1046) 
change programatic -> programmatic
Ref: https://www.dictionary.com/browse/programmatic
 2023-01-26 12:53:46 -08:00
Alexandr Marchenko
b29b78c10d
filesystem support for exclude and include filters (2nd attemp) (#1033) 
* fix filter issue - empty lines should be ignored

* filesystem support for filter exclude

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-01-26 09:33:45 -08:00
dependabot[bot]
d4f4b1c73e
Bump github.com/rabbitmq/amqp091-go from 1.5.0 to 1.6.0 (#1036) 
Bumps [github.com/rabbitmq/amqp091-go](https://github.com/rabbitmq/amqp091-go) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/rabbitmq/amqp091-go/releases)
- [Changelog](https://github.com/rabbitmq/amqp091-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rabbitmq/amqp091-go/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/rabbitmq/amqp091-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 09:27:32 -08:00
Miccah
539be34752
Add openssh-client to trufflehog container (#1045) 
* Add openssh-client to docker container

* Add ssh auth example and --rm to all docker run commands
 2023-01-26 11:26:03 -06:00
Bill Rich
00ebb2ed64
Full git log when targeting base merge commit (#1044) 
* Full git log when targeting merge commits

* Full log is needed whenever base is specified.
 2023-01-26 09:17:54 -08:00
Dustin Decker
4ef546a06b
fix github integration tests (#1042) 2023-01-25 08:57:39 -08:00
Bill Rich
ac1dd23d37
Limit diff size to prevent out of control memory use. (#1035) 
* Limit diff size to prevent out of control memory use.

* Group consts
 2023-01-23 10:14:10 -08:00
ahrav
2088f030f9
Add location to Teams metadata. (#1034) 2023-01-23 08:12:05 -08:00
ahmed
2060ae1c47
Updated stdout to print results in alphabetical order for consistent output (#1032) 2023-01-19 12:58:50 -05:00